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CLAIM AMENDMENTS 

This listing of claims will replace all prior versions and listings of claims in the 
application. 
Listing of Claims 

I . (Currently Amended) A method of metering the packet rate of a packet flow, comprising 
the steps of: 

a) configuring a packet rate limit for an ACL (access control list) interface, defined by a 
maximum number of packets P inax acceptable in a time interval T rcfi ^ sh ; 

b) counting the number of packets P received at said ACL interface; mi 

c) discarding all packets arriving at said ACL after P max has been reache d: and 
— : d) placing the discarded packets in an extraction queue for further examination . 

2. ■ (Original) The method of claim 1 , wherein P.sub.max and T.sub.refresh are configurable. 

3. (Original) The method of claim 1, wherein step b) comprises: providing a packet rate 
limit counter at said ACL interface and initiating said counter at a value StartCount; 
incrementing the counter with each received packet of said packet flow to provide a 
CurrentCount, and resetting said counter at said time intervals T.sub.refresh. 

4. (Original) The method of claim 3, wherein step c) comprises discarding all packets 
arriving at said ACL interface after said counter reached a saturation value CountSat. 
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5. (Original) Tlie method of claim 3, wherein step c) comprises: discarding all packets 
arriving at said counter after said counter reached a saturation value CountSat; and counting the 
number of the packets discarded since said counter reaches said saturation value until said 
T.sub.refresh. 

6. (Original) The method of claim 5, wherein counting of the discarded packets is 
performed with said counter. 

i 

\[ 7. (Currently Amended) The method of claim 1, further comprising placing the discarded 

\\ pao k oto in an extraction queue for farther examination wherein said extraction queue examines 

? the discard ed packets to determine a cause of the excessive rate . 

'i • 

8. (Withdrawn) For an access control list (ACL) unit provided at a router controlling which 

x '* 

IP packets of a packet flow are allowed to enter an IP network based on a plurality of rules, a rate 
i . limiting ACL rule comprising: 

I operating said interface according to an "accept and discard" action, when each packet is 

I. . accepted or discarded based on a packet rate limit; 

I operating said interface according to an "accept with extraction" action when each packet 

is accepted or extracted based on said packet rate limit; and 

placing each extracted packet in an extraction queue for further examination. 

) ' ■ i 
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9. (Withdrawn) The method of claim 8, wherein said packet rate limit is defined as the 
maximum number of packets acceptable in a time interval T refrresh . 

1 0. (Withdrawn) The method of claim 9, wherein said rate limiting rule further comprises 
operating said interface according to a "deny and discard" action, when each packet received at 
said counter during said time interval T tetm$h) and which is in excess of said P™, is denied 
access and discarded. 

1 1 { (Withdrawn) The method of claim 9, wherein said rate limiting rule further comprises 
operating said interface according to a "deny and extract" action, when each packet received at 
said counter in excess of said P raax during said time interval T^ I<sh , is denied access to said IP 
network and extracted for further examination. 

12.: (Withdrawn) The of claim 9, wherein said "accept and discard" action comprises: 
initiating a packet rate limiting counter to a CountStart value; 

counting each packet with sai d counter to provide a CwrentCount value indicative of the 
number of packets received over said interface until saturation CountSat of said counter is 
reached; 

: allowing each said packet that has CurrentCount less than said CountSat within said time 
interval Tjrf^; and 

r 
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discarding each said packet arrived at said counter after saturation of said counter and 

before the beginning of a next time interval T re f^ h . 

13> (Withdrawn) A line card for a router connected to an IP network, comprising, for each 
interface on said line card; 

a packet forwarding ASIC with an access control list (ACL) unit provided for controlling 
w&ch IP packets are allowed to enter or exit an IP network based on a plurality of rules; 

a packet rate limit counter in said ACL unit for measuring the packet rate of a packet 
flow; and 

a housekeeping processor for operating said counter to implement an access control rate 
limiting rule for said packet flow. 

14.: (Withdrawn) The line card of claim 13, wherein said counter comprises a packet counter 
fielil for counting each packet received in said packet flow, and a state register field for 
determining the action to be performed on said packet. 

■i • 

I ■ ' 

• 15 - . (Withdrawn) The line card of claim 13, wherein said counter comprises a 13-bit packet 

counter field for counting each packet received in said packet flow, and a 3 -bit state register field 

.? ■ for determining the action to be performed on said packet, wherein said state register occupies 
the most significant bits of each said counter. 

i { 
j " ' 
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1 6. (Withdrawn) The line card of claim 1 3, wherein said housekeeping processor comprises 
means for resetting said packet counter field at a present interval of time T^h- 

17. (Withdrawn) The line card of claim 13, wherein said housekeeping processor comprises 
means for presetting said packet counter field at a start value StartCount each given interval of 
time Trtfttsh, 

1 8. (Withdrawn) The line card of claim 1 3 > wherein said housekeeping processor comprises 
m^ans for setting said state register field to an action value that determines the operation state of 
said ACL unit, 

1 9. (Withdrawn) The line card of claim 1 8, wherein said housekeeping processor sets said 
action value to indicates one of an "accept and discard'' and an "accept with extract" action, 
when said packet counter field counts each incoming packet until saturation of said counter. 

20. \ (Withdrawn) The line card of claim 1 9, wherein said ACL unit sets said action value to 
indicates one of an "discard" and an "extract" action, when said counter filed is saturated, while 
said ACL unit denies access to each said packet. 



7- 
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2 1 . (Withdrawn) In an ACL unit provided at a router for controlling which IP packets are 

allowed to enter/exit an IP network based on a plurality of rules, a counter for measuring the 

packet rate of a packet flow, comprising: 

a packet counter field for counting each packet in said packet flow; and 

a state register field for determining the action to be performed on each said packet. 

2Z (Withdrawn) The counter of claim 21 , wherein said state register field occupies the 3- 
most significant bits of said counter and said packet counter field occupies the reminder of 1 3 
bits. 
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